ANTlabs InnGate is a gateway device designed for operating corporate guest/visitor networks. Multiple InnGate models have been confirmed to be vulnerable to SQL injection and cross-site scripting attacks. The ppli URL parameter of the main.ant page is vulnerable to SQL injection. A remote attacker can perform arbitrary queries on the underlying database. According to ANTLabs, only https connections are vulnerable to this attack.